Skip to content

Support verification of Notary Project signatures created with Azure Key Vault in Ratify #817

New issue
New issue
Open
Open
Support verification of Notary Project signatures created with Azure Key Vault in Ratify#817
Assignees
yizha1
Labels
feature-requestIssues that request new featuresfeature-signing-and-verificationIssues related to signing and verification of artifactsroadmapFeatures and asks that should show up on the public roadmaptriagedUse after the issue is triaged
@yizha1

Description

@yizha1
yizha1
opened on Jan 28, 2025

This issue is to ask the support of verifying signatures during image deployment to ensure only trusted images are deployed on Azure Kubernetes Service (AKS) clusters. The signatures are produced with Azure Key Vault (AKV) according to the following guideline:

Sign container images with Notation and Azure Key Vault using a CA-issued certificate
Sign container images with Notation and Azure Key Vault using a self-signed certificate

In AKS clusters, Ratify will work with Azure policy to deny/audit images that fali policy validation.

Metadata

Metadata

Assignees

Labels

feature-requestIssues that request new featuresfeature-signing-and-verificationIssues related to signing and verification of artifactsroadmapFeatures and asks that should show up on the public roadmaptriagedUse after the issue is triaged

Type

No type

Projects

Cloud Native Security & Registries Roadmap (Public)

Status

In Progress (Development)

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions